During a hackthebox stego challenge I stumbled upon a nice tool called tapcleaner by bokvamme and luigidifraia.
I converted wav files to tap with wav2tap (c64tapedecode) but wasn’t able to load them. With tapcleaner it was possible to optimize the output in a way that the tap file was recognized by tapcleaner and I was able to extract the prg’s which contained the flag.

When I got some free time I try to solve some beginners hacker ctfs. Recently I stumbled over cmd2 at Pwnable.kr and it took me some time to solve it. Later I realized that my earlier attempts would have been successful if I knew the difference between calling arguments with "..." or '...'. 🙂
For starters, when calling a binary with "$(...)" the code inside $(…) will be executed first and then the result will be the arg for the binary.
When a binary is called with '$(...)' the whole parameter will be seen as argument. With some help from youtube I used the following solution for cmd2:

Looks like to totally forgot to insert a readme with the link to the original sources. Shame on me. I’ll do that later but meanwhile here the link where I got all the stuff: https://svn.pacedev.net/repos/pace/
Kudos to tcdev for all the work!